Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/_uPGv4_2m4GKsO_7P3ArhdUotlE.roa
File: _uPGv4_2m4GKsO_7P3ArhdUotlE.roa (raw, json)
Hash identifier: 0DhIXbVkh0vFqAY+gsXdDukpHq5InHKGd4DuN7cFixQ=
Subject key identifier: FE:E3:C6:BF:8F:F6:9B:81:8A:B0:EF:FB:3F:70:2B:85:D5:28:B6:51
Certificate issuer: /CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Certificate serial: 018A418E1289D1E1A2A7B7A5911B93FA9CF9
Authority key identifier: 7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/_uPGv4_2m4GKsO_7P3ArhdUotlE.roa
Signing time: Tue 29 Aug 2023 13:49:04 +0000
ROA not before: Tue 29 Aug 2023 13:49:04 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 58238
IP address blocks: 109.107.168.0/23 maxlen: 23
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8a:41:8e:12:89:d1:e1:a2:a7:b7:a5:91:1b:93:fa:9c:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7acfd0797e2d9bd3539d195a031241a56a02a16a
Validity
Not Before: Aug 29 13:49:04 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=fee3c6bf8ff69b818ab0effb3f702b85d528b651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:20:79:50:15:0f:4a:62:41:67:e8:cf:39:0e:
7b:f7:e8:f3:b8:a8:ed:ab:5d:44:dc:a1:42:f5:fd:
d2:20:b8:30:84:7c:06:33:f2:3b:c1:a7:0d:88:0f:
92:18:22:72:1b:85:f2:67:23:52:fc:de:6a:fb:25:
6a:48:e6:5e:3d:62:c5:35:bb:29:6a:d7:a0:7f:2c:
02:0e:8b:78:37:ef:91:d3:ac:4f:2a:93:4a:c7:3b:
92:26:b0:0b:68:b8:68:c6:54:af:7b:4a:40:b6:71:
4c:06:b3:a3:4b:73:02:a2:e3:d7:f9:36:57:c2:e0:
0b:8f:c0:be:4c:de:46:d8:26:7f:14:c3:07:88:1d:
61:fc:60:8a:8c:86:1d:5a:d3:43:8b:da:cf:41:ba:
9e:9d:e4:ba:89:8f:f9:7c:f6:0a:76:53:75:f0:91:
15:86:75:b6:64:91:0d:a8:f5:41:c2:f4:31:6a:5f:
18:c4:5b:ab:23:2a:ff:e0:78:51:5f:09:9e:5e:35:
bf:60:54:92:f3:9b:b1:33:d8:a7:01:b9:07:1b:96:
5e:ac:61:e1:35:0a:12:50:c8:c4:ca:1f:9f:95:50:
cb:81:96:84:7e:cd:86:24:25:24:4e:86:85:cf:24:
c6:af:18:7a:e8:f9:f5:3c:35:8d:d5:e2:48:6c:7e:
46:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:E3:C6:BF:8F:F6:9B:81:8A:B0:EF:FB:3F:70:2B:85:D5:28:B6:51
X509v3 Authority Key Identifier:
keyid:7A:CF:D0:79:7E:2D:9B:D3:53:9D:19:5A:03:12:41:A5:6A:02:A1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/es_QeX4tm9NTnRlaAxJBpWoCoWo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/_uPGv4_2m4GKsO_7P3ArhdUotlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3b/afbab5-adcf-4e57-92ea-9f4025571cba/1/es_QeX4tm9NTnRlaAxJBpWoCoWo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.107.168.0/23
Signature Algorithm: sha256WithRSAEncryption
49:e5:bc:2a:11:1d:db:d1:a8:4f:ed:6b:ff:3a:40:1d:39:53:
11:f9:91:0e:01:63:b8:7d:0c:eb:a5:05:39:31:d1:e0:04:b2:
99:18:aa:d6:7b:12:03:b7:d5:52:b7:3b:e3:d6:b2:b5:e8:f8:
22:41:fb:6a:55:11:da:0b:8a:50:fa:bc:95:69:bc:4a:23:c1:
53:a5:21:85:37:27:7a:3f:1b:3c:a2:b0:b7:f3:cd:6a:c7:86:
dd:0f:48:83:61:f0:67:ab:60:5e:79:18:0e:56:a1:2c:7e:b5:
f0:db:76:3d:2d:78:c4:d8:bf:56:b2:53:61:c7:ee:bb:53:a7:
18:0c:7b:f4:1e:86:4c:29:25:c0:16:c8:7b:5c:bf:24:a2:58:
96:f1:0f:70:a1:ef:fe:5c:32:47:42:cb:09:59:82:14:28:64:
87:c8:71:3f:07:19:85:c2:e4:70:bb:69:c9:7d:c7:87:a0:17:
73:54:c9:f6:8f:ac:5a:92:cf:99:db:3d:05:46:28:76:f1:94:
60:50:7b:8b:14:de:a5:ee:8f:1b:b1:c6:61:bd:f3:1f:c3:8f:
ad:70:dc:44:8a:1c:6a:ae:c7:2c:c5:26:05:2c:ba:9b:90:40:
fe:c6:9f:92:f5:0a:bd:9b:bc:e6:73:11:3b:92:11:44:3b:6d:
87:00:39:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYpBjhKJ0eGip7elkRuT+pz5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhY2ZkMDc5N2UyZDliZDM1MzlkMTk1YTAzMTI0MWE1NmEw
MmExNmEwHhcNMjMwODI5MTM0OTA0WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWUzYzZiZjhmZjY5YjgxOGFiMGVmZmIzZjcwMmI4NWQ1MjhiNjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmSB5UBUPSmJBZ+jPOQ579+jzuKjt
q11E3KFC9f3SILgwhHwGM/I7wacNiA+SGCJyG4XyZyNS/N5q+yVqSOZePWLFNbsp
ategfywCDot4N++R06xPKpNKxzuSJrALaLhoxlSve0pAtnFMBrOjS3MCouPX+TZX
wuALj8C+TN5G2CZ/FMMHiB1h/GCKjIYdWtNDi9rPQbqeneS6iY/5fPYKdlN18JEV
hnW2ZJENqPVBwvQxal8YxFurIyr/4HhRXwmeXjW/YFSS85uxM9inAbkHG5ZerGHh
NQoSUMjEyh+flVDLgZaEfs2GJCUkToaFzyTGrxh66Pn1PDWN1eJIbH5GswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP7jxr+P9puBirDv+z9wK4XVKLZRMB8GA1UdIwQY
MBaAFHrP0Hl+LZvTU50ZWgMSQaVqAqFqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEt
OWY0MDI1NTcxY2JhLzEvX3VQR3Y0XzJtNEdLc09fN1AzQXJoZFVvdGxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYi9hZmJhYjUtYWRjZi00ZTU3LTkyZWEtOWY0MDI1NTcxY2Jh
LzEvZXNfUWVYNHRtOU5UblJsYUF4SkJwV29Db1dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbWuoMA0G
CSqGSIb3DQEBCwUAA4IBAQBJ5bwqER3b0ahP7Wv/OkAdOVMR+ZEOAWO4fQzrpQU5
MdHgBLKZGKrWexIDt9VStzvj1rK16PgiQftqVRHaC4pQ+ryVabxKI8FTpSGFNyd6
Pxs8orC3881qx4bdD0iDYfBnq2BeeRgOVqEsfrXw23Y9LXjE2L9WslNhx+67U6cY
DHv0HoZMKSXAFsh7XL8koliW8Q9woe/+XDJHQssJWYIUKGSHyHE/BxmFwuRwu2nJ
fceHoBdzVMn2j6xaks+Z2z0FRih28ZRgUHuLFN6l7o8bscZhvfMfw4+tcNxEihxq
rscsxSYFLLqbkED+xp+S9Qq9m7zmcxE7khFEO22HADmg
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:26:09 2024 by rpki-client on console-fra.rpki-client.org